Treasury Direct account security discussion at Bogleheads

Discussion of the Cash portion of the Permanent Portfolio

Moderator: Global Moderator

ppnewbie
Executive Member
Executive Member
Posts: 151
Joined: Fri May 03, 2019 6:04 pm

Re: Treasury Direct account security discussion at Bogleheads

Post by ppnewbie » Sat Feb 29, 2020 9:58 am

I’ll add my own experience in this thread. I have I bonds in treasury direct. The site and opacity of the support does make me nervous.

I am going to take the suggestion on this thread to capture images and build spreadsheets of all the bonds I currently own.

From my perspective - they are the equivalent of cash, since I believe you can sell them any time, even before the one year period. Your only penalty is that you lose the interest.

Please correct me if I am off base on that. Also - I don’t quite understand EE bonds. I’ll research that before my next purchase.

One question I had is - Are I bonds considered as safe as t-bills in case of a zombie apocalypse?
User avatar
jhogue
Executive Member
Executive Member
Posts: 512
Joined: Wed Jun 28, 2017 10:47 am

Re: Treasury Direct account security discussion at Bogleheads

Post by jhogue » Sat Feb 29, 2020 10:30 am

Dear ppnewbie,
Welcome to the forum.

1. It is always a good idea to make a spreadsheet with a list of your I bonds.

2. I bonds cannot be cashed until they are one year old. After that, you can cash them any time. From one year to five years there is a 3 month interest rate penalty. After that there is no penalty to cash them.

3. EE bonds protect your cash from deflation, similar to how I bonds protect your cash from inflation. Their current rate is minimal, but if you hold them for 20 years they will automatically double in value. EE bonds work best for long term liability matching, like paying for college or financing early retirement.

4. Both I bonds and EE bonds have the same "full faith and credit" backing of the US Treasury as T bills, so, yes, your principal is considered risk free. Nobody has ever seen a real zombie apocalypse, but US savings bonds have survived every possible economic condition since they were created in the 1930s.
“Groucho Marx wrote:
A stock trader asked him, "Groucho, where do you put all your money?" Groucho was said to have replied, "In Treasury bonds", and the trader said, "You can't make much money on those." Groucho said, "You can if you have enough of them!"
User avatar
vnatale
Executive Member
Executive Member
Posts: 3188
Joined: Fri Apr 12, 2019 8:56 pm
Location: Massachusetts
Contact:

Re: Treasury Direct account security discussion at Bogleheads

Post by vnatale » Thu Apr 23, 2020 6:06 pm

ochotona wrote:
Wed Oct 23, 2019 5:21 pm
grapesofwrath wrote:
Wed Oct 23, 2019 8:36 am
I would think Treasury Direct is safer than Vanguard/Schwab/Fidelity because it has virtually no customer service.
Interesting perspective. I've gone round and round in my head on this matter, and I think if you use the 2FA (I send 2FA emails to Hotmail), and if you vigorously defend said 2FA channel (I use 2FA on my 2FA, and it ain't a phone, it's an authenticator app), and if you change the password every once in a while (16 characters for me, upper / lower / numbers /symbols), and if you print out proof of ownership, you won't have problems.
Is it possible for you to further elaborate on the above?

Vinny
"I only regret that I have but one lap to give to my cats."
User avatar
ochotona
Executive Member
Executive Member
Posts: 3177
Joined: Fri Jan 30, 2015 5:54 am

Re: Treasury Direct account security discussion at Bogleheads

Post by ochotona » Thu Apr 23, 2020 6:27 pm

vnatale wrote:
Thu Apr 23, 2020 6:06 pm

Is it possible for you to further elaborate on the above?

Vinny

TD sends you an email if you try to login. But that's only as good as your email security. So my email has strong two-factor authentication as well, using a phone app. Text is a weaker form of two-factor auth, because you can get your phone number stolen ("SIM hacking").
User avatar
vnatale
Executive Member
Executive Member
Posts: 3188
Joined: Fri Apr 12, 2019 8:56 pm
Location: Massachusetts
Contact:

Re: Treasury Direct account security discussion at Bogleheads

Post by vnatale » Thu Apr 23, 2020 6:50 pm

ochotona wrote:
Thu Apr 23, 2020 6:27 pm
vnatale wrote:
Thu Apr 23, 2020 6:06 pm

Is it possible for you to further elaborate on the above?

Vinny

TD sends you an email if you try to login. But that's only as good as your email security. So my email has strong two-factor authentication as well, using a phone app. Text is a weaker form of two-factor auth, because you can get your phone number stolen ("SIM hacking").
How about a phone call where you get a code that you need to input. How do you rank that? That is what banks will do (and, Vanguard).

But still trying to get the details on your email.

TD sends this email to an email address. I'm still not following..."So my email has strong two-factor authentication as well, using a phone app." And, I don't know if you cannot elaborate because then that gives someone some knowledge of how to get into your account.

Are you saying this email address is only for this login which has the strong two-factor authentication? Or, all your email? I'm suspecting it is the former.

I can only imagine that the email is sent to an email address which you only use for this? And, that requires you to enter the email address and password via a browser? Or, it comes directly to you via your regular email programs? Just not seeing what the phone app is doing. Are you able to disclose the phone app? Or, would doing so compromise your security?

Vinny

Vinny
"I only regret that I have but one lap to give to my cats."
User avatar
ochotona
Executive Member
Executive Member
Posts: 3177
Joined: Fri Jan 30, 2015 5:54 am

Re: Treasury Direct account security discussion at Bogleheads

Post by ochotona » Thu Apr 23, 2020 7:50 pm

I use Hotmail for financial matters, which is Microsoft. I can't possibly make a good explanation of MS security, you may read it here:

https://support.microsoft.com/en-us/hel ... rification

Security of whatever communications channel you are using for 2FA is paramount.
Post Reply